CVE-2017-7529
HIGH7.5EPSS 92.0%nginx - security update
Published: 7/13/2017Modified: 4/28/2026
Description
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
Affected packages (4)
- Alpine/nginxfrom 0, < 1.12.1-r0
- Debian/nginxfrom 0, < 1.13.3-1
- Debian/nginxfrom 0, < 1.2.1-2.2+wheezy4+deb7u1
- Debian/nginxfrom 0, < 1.6.2-5+deb8u5
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |